From f38b9af0754c39ad5e741e024f4fa3c90b050136 Mon Sep 17 00:00:00 2001
From: Pim Kunis
Date: Thu, 8 Feb 2024 23:44:36 +0100
Subject: [PATCH] manage vcpus and memory of VMs fix kitchenowl connectivity
---
.../docker_swarm/ansible/inventory/hosts.yml | 10 ++++-----
.../docker_swarm/ansible/playbooks/setup.yml | 14 ++++++-------
.../ansible/playbooks/stacks2.yml | 5 -----
.../ansible/roles/forgejo/docker-stack.yml.j2 | 5 +++--
.../roles/kitchenowl/docker-stack.yml.j2 | 5 ++++-
nixos/machines/default.nix | 21 +++++++++++--------
.../networking/dmz_services/dnsmasq.nix | 4 ++--
nixos/virtual/default.nix | 3 +++
8 files changed, 36 insertions(+), 31 deletions(-)
delete mode 100644 legacy/projects/docker_swarm/ansible/playbooks/stacks2.yml
diff --git a/legacy/projects/docker_swarm/ansible/inventory/hosts.yml b/legacy/projects/docker_swarm/ansible/inventory/hosts.yml
index 6254371..55cb1f8 100644
--- a/legacy/projects/docker_swarm/ansible/inventory/hosts.yml
+++ b/legacy/projects/docker_swarm/ansible/inventory/hosts.yml
@@ -1,11 +1,11 @@ all: hosts: - primary: - ansible_host: 192.168.30.42 + manager: + ansible_host: maestro.dmz children: - secondaries: + workers: hosts: bancomart: - ansible_host: bancomart2.dmz + ansible_host: bancomart.dmz vpay: - ansible_host: vpay2.dmz + ansible_host: vpay.dmz
diff --git a/legacy/projects/docker_swarm/ansible/playbooks/setup.yml b/legacy/projects/docker_swarm/ansible/playbooks/setup.yml
index ca4fec6..f784c21 100644
--- a/legacy/projects/docker_swarm/ansible/playbooks/setup.yml
+++ b/legacy/projects/docker_swarm/ansible/playbooks/setup.yml
@@ -1,23 +1,23 @@ --- -- name: Setup Docker Swarm primary - hosts: primary +- name: Setup Docker Swarm manager + hosts: manager tasks: - name: Create Docker Swarm docker_swarm: - - name: Get Docker Swarm primary info + - name: Get Docker Swarm manager info docker_swarm_info: nodes: yes nodes_filters: - name: primary + name: manager register: swarm_info -- hosts: secondaries +- hosts: workers tasks: - name: Join Docker Swarm docker_swarm: state: join - join_token: "{{ hostvars.primary.swarm_info.swarm_facts.JoinTokens.Worker }}" + join_token: "{{ hostvars.manager.swarm_info.swarm_facts.JoinTokens.Worker }}" remote_addrs: - - "{{ hostvars.primary.ansible_default_ipv4.address }}" + - "{{ hostvars.manager.ansible_default_ipv4.address }}"
diff --git a/legacy/projects/docker_swarm/ansible/playbooks/stacks2.yml b/legacy/projects/docker_swarm/ansible/playbooks/stacks2.yml
deleted file mode 100644
index e17e903..0000000
--- a/legacy/projects/docker_swarm/ansible/playbooks/stacks2.yml
+++ /dev/null
@@ -1,5 +0,0 @@ ---- -- name: Start Docker stacks - hosts: primary - roles: - - {role: cyberchef2, tags: cyberchef2}
diff --git a/legacy/projects/docker_swarm/ansible/roles/forgejo/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/forgejo/docker-stack.yml.j2
index 1fa6ec6..ecb54a6 100644
--- a/legacy/projects/docker_swarm/ansible/roles/forgejo/docker-stack.yml.j2
+++ b/legacy/projects/docker_swarm/ansible/roles/forgejo/docker-stack.yml.j2
@@ -33,8 +33,9 @@ services: target: /data volume: nocopy: true - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro + # TODO: fix this + # - /etc/timezone:/etc/timezone:ro + # - /etc/localtime:/etc/localtime:ro deploy: placement: constraints:
diff --git a/legacy/projects/docker_swarm/ansible/roles/kitchenowl/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/kitchenowl/docker-stack.yml.j2
index 1b3b4a2..a1d51c0 100644
--- a/legacy/projects/docker_swarm/ansible/roles/kitchenowl/docker-stack.yml.j2
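Review bot: The `Get Docker Swarm manager info` task in playbooks/setup.yml registers `swarm_info`, and the worker play reads `swarm_facts.JoinTokens.Worker` from it, so the Swarm join tokens are part of that task's result and would show up in verbose output or in any callback that records task results. Adding `no_log: true` to the info task keeps them out of logs. Separately, `nodes_filters: name: manager` was renamed along with the inventory alias, but the filter presumably matches the Docker node name, which the inventory suggests is `maestro`; it is worth confirming the filter still selects anything.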
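Review bot: The `# TODO: fix this` added in roles/forgejo/docker-stack.yml.j2 does not say what is broken or what the intended fix is, and the two read-only mounts are left behind as commented-out code. Without them the container presumably falls back to the image's default timezone, so Forgejo timestamps and logs may stop matching the host's, which matters when correlating events across services. A comment of the form `# TODO(<why the mounts fail on the new hosts>): restore host timezone in the container` would make the intent reviewable. The service definition continues outside the hunk.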
+++ b/legacy/projects/docker_swarm/ansible/roles/kitchenowl/docker-stack.yml.j2
@@ -36,7 +36,9 @@ services: kitchenowl: image: tombursch/kitchenowl:v92 networks: - - kitchenowl + kitchenowl: + aliases: + - kitchenowl environment: - JWT_SECRET_KEY={{ jwt_secret_key }} volumes:
@@ -45,3 +47,4 @@ services: target: /data volume: nocopy: true + hostname: kitchenowl
diff --git a/nixos/machines/default.nix b/nixos/machines/default.nix
index e1e94da..f477c99 100644
--- a/nixos/machines/default.nix
+++ b/nixos/machines/default.nix
@@ -83,29 +83,30 @@ }; }; - maestro2 = { + maestro = { type = "virtual"; hypervisorName = "atlas"; - nixosModule = { pkgs, lib, config, ... }: { + nixosModule = { config, ... }: { + microvm.balloonMem = 7680; + lab = { dockerSwarm.enable = true; vm = { id = 1; - staticNetworking = true; - staticIPv4 = "192.168.30.42"; - staticIPv6 = "2a0d:6e00:1a77:30::42"; }; }; }; }; - bancomart2 = { + bancomart = { type = "virtual"; hypervisorName = "jefke"; - nixosModule = { pkgs, lib, config, ... }: { + nixosModule = { + microvm.balloonMem = 7680; + lab = { dockerSwarm.enable = true; vm.id = 2;
@@ -113,11 +114,13 @@ }; }; - vpay2 = { + vpay = { type = "virtual"; hypervisorName = "lewis"; - nixosModule = { pkgs, lib, config, ... }: { + nixosModule = { + microvm.balloonMem = 5632; + lab = { dockerSwarm.enable = true; vm.id = 3;
diff --git a/nixos/modules/networking/dmz_services/dnsmasq.nix b/nixos/modules/networking/dmz_services/dnsmasq.nix
index cbfe90d..258f392 100644
--- a/nixos/modules/networking/dmz_services/dnsmasq.nix
+++ b/nixos/modules/networking/dmz_services/dnsmasq.nix
@@ -17,7 +17,7 @@ in port = "5353"; host-record = [ "hermes.dmz,${cfg.dmz.ipv4.services},${cfg.dmz.ipv6.services}" - "ipv4.hermes.dmz,${cfg.dmz.ipv4.services}" + "ipv4.hermes.dmz,${cfg.dmz.ipv4.services}" # TODO: Do we need these? "ipv6.hermes.dmz,${cfg.dmz.ipv6.services}" ];
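Review bot: The two kitchenowl hunks in roles/kitchenowl/docker-stack.yml.j2 add an explicit network alias and, at the end of the service, `hostname: kitchenowl`, but neither carries a comment saying which peer depends on resolving that name. The subject line only says "fix kitchenowl connectivity", so a later cleanup could drop one of the two as redundant and break it again. A short comment above `aliases:` naming the consumer, e.g. `# <consumer service> reaches the backend by the name "kitchenowl"`, would record the reason. The service definition starts outside the first hunk.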
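Review bot: The `microvm.balloonMem` values added in nixos/machines/default.nix for maestro, bancomart and vpay (7680, 7680, 5632) have no unit or rationale, and nothing in the hunks ties them to the memory of the hypervisors atlas, jefke and lewis. A one-line comment per machine, e.g. `# balloon memory, presumably MiB; sized for <hypervisor RAM>`, would let a reader check that a guest cannot overcommit its host. Also, maestro's module keeps the function form `{ config, ... }:` while the other two became plain attribute sets; if `config` is unused in the part of the body outside the hunk, the plain form would be consistent.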
@@ -34,7 +34,7 @@ in dhcp-host = [ "b8:27:eb:b9:ab:e2,esrom" - "ca:fe:c0:ff:ee:08,maestro,${cfg.dmz.ipv4.dockerSwarm}" + "ba:db:ee:f0:00:01,maestro,${cfg.dmz.ipv4.dockerSwarm}" ]; dhcp-option = [
diff --git a/nixos/virtual/default.nix b/nixos/virtual/default.nix
index d0035b7..f3bf85b 100644
--- a/nixos/virtual/default.nix
+++ b/nixos/virtual/default.nix
@@ -85,6 +85,9 @@ }; microvm = { + # TODO: make this dependent on the host CPU + vcpu = 4; + shares = [{ source = "/nix/store"; mountPoint = "/nix/.ro-store";
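Review bot: The `dhcp-host` entry for maestro in dnsmasq.nix hard-codes the MAC `ba:db:ee:f0:00:01`, while the same commit removes `staticNetworking`, `staticIPv4` and `staticIPv6` from maestro in machines/default.nix, so the Swarm manager's address now depends entirely on this reservation matching the MAC the VM actually gets. Where that MAC is generated is not visible here; if it is derived from `vm.id`, building the reservation from the same value would stop the two drifting apart. A MAC-keyed reservation is also not an identity check, so a comment recording that the DMZ segment is trusted to hand out the manager's address this way would help a later reader. The `dhcp-host` list sits inside a settings block that starts outside the hunk.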
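Review bot: `vcpu = 4;` in nixos/virtual/default.nix is defined at normal priority for every VM, so a machine module that sets a different count would conflict with it rather than override it. Until the TODO is resolved, `vcpu = lib.mkDefault 4;` (assuming `lib` is in scope in this module, which the hunk does not show) would let the per-machine modules in machines/default.nix choose their own value, as they now do for `balloonMem`. The `microvm` block continues outside the hunk.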